Question : How to delete a user certicate with a batch file?

OK..I have a situation where over half of the client PC's certificates expired on 2/25/08. So if I open the

1. MMC
2. Add the snap-in for certificates
3. Under the certificates go to the 'Personal' folder

This is where I find the expired certificate. I have an automated file I can run which is a .bat file that will add a new certificate to the PC. This issue there are then two certificates the old 2/25/08 & the new 3/3/09 certificates are both showing. We cannot authenticate specific apps that require a certificate when both are there. If I open the MMC and delete the old certificate, it all works just fine.

Is there a command string or code I can add to a .bat file to delete all user certificates under the 'Personal' folder of the MMC? Even if it is a .vbs that will work and I can call it from the .bat file. This way I can add a new certificate leaving only one.

Help - Thanks in Advance

Answer : How to delete a user certicate with a batch file?

It looks like your best bet would be to download a Microsoft program named
certutil.exe
as described here:
Certutil
http://technet2.microsoft.com/windowsserver/en/library/a3d5dbb9-1bf6-42da-a13b-2b220b11b6fe1033.mspx

The command to put in your batch file will probably look something like:
certutil -delstore -user 1

See also:
http://groups.google.com/group/microsoft.public.windows.server.general/browse_thread/thread/c2c5ccf7b7fa91c5/b1b831663b5b3d55

=--==-=-=-=-
Another MS tool, that comes with the .Net Framework:
Certificate Manager Tool (Certmgr.exe)
http://msdn2.microsoft.com/en-us/library/e78byta0(VS.71).aspx
also supports command-line options to delete certs

=-=-=-=-=-=-=-=
Another alternative might be to delve into the registry and locate and delete the relevant entry. See
http://msdn2.microsoft.com/en-us/library/aa388136(VS.85).aspx
for locations of system certs. FOr the location of user certs, look into the filesystem:
C:\Documents and Settings\\Application Data\Microsoft\SystemCertificates\My\Certificates

Finally (and this is what I'd do), you could write a short C++ program to use Win32 API functions, and then execute that from your batch file. The API documentation includes plenty of example code for opening a cert store, locating a cert, and deleting it:

CertFindCertificateInStore Function
http://msdn2.microsoft.com/en-us/library/aa376064(VS.85).aspx

CertDeleteCertificateFromStore Function
http://msdn2.microsoft.com/en-us/library/aa376040(VS.85).aspx

Example C Program: Deleting Certificates from a Certificate Store
http://msdn2.microsoft.com/en-us/library/aa382045(VS.85).aspx

=-=-=-=-=-=-=-=
Note: I have NOT personally used any of these techniques, so I suggest caution.

Random Solutions

Pass through authentication for domain users in IIS 6.0

Exchange 2007 to remote non Outlook/Exchange clients. Attachment not received

foward one email to multiple people exchange 2007

how to get rid of the bcmwltry.exe-application error

Win7 Ultimate upgrade in stages using OEM DVD

PowerPoint 2003 the Organization Chart server can't be found

moving Office 2007 from old computer to new one

no change-event checkbox in datagridview

Need help troubleshooting VMware ESXi 4.0 PSoD